<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="zh-CN" lang="zh-CN">
<head>
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
	<meta name="viewport" content="width=device-width, initial-scale=1.0">
	<meta name="keywords" content="SecWiki，维基，安全，资讯，专题，导航，RSS聚合，Ｗeb安全，Ｗeb安全，移动平台，二进制安全，恶意分析，网络安全，设备安全，运维技术，编程技术，书籍推荐">
	<title>SecWiki周刊（第156期)</title>
	<link rel="stylesheet" type="text/css" href="https://secwiki.b0.upaiyun.com/css/bootstrap.css"/>
    <link rel="stylesheet" type="text/css" href="https://secwiki.b0.upaiyun.com/css/styles.css" />
    <link rel="stylesheet" type="text/css" href="https://secwiki.b0.upaiyun.com/css/people.css" />
    <link rel="shortcut icon" href="https://secwiki.b0.upaiyun.com/img/favicon.ico">
	<meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <script src="//upcdn.b0.upaiyun.com/libs/jquery/jquery-1.8.3.min.js"></script>
</head>

<body>
<div class="navbar navbar-fixed-top"><div class="navbar-inner"><div class="container"><a class="btn btn-navbar" data-toggle="collapse" data-target="#yii_bootstrap_collapse_0"><span class="icon-bar"></span><span class="icon-bar"></span><span class="icon-bar"></span></a><a href="/index.php" class="brand"><img src="https://secwiki.b0.upaiyun.com/logo.jpg" alt="" /></a><div class="nav-collapse collapse" id="yii_bootstrap_collapse_0"><form class="navbar-search pull-right" action="/news/search">
         <input type="text" class="search-query span2" name="wd" placeholder="SecWiki">
        </form>
    	<ul id="yw0" class="nav"><li><a href="/index.php">首页</a></li><li><a href="/event">新闻</a></li><li><a href="/news">技术</a></li><li><a href="/skill">技能</a></li><li><a href="/topic">专题</a></li><li><a href="/book">书籍</a></li><li><a href="/user/members">成员</a></li><li><a href="/opml/index">聚合</a></li><li><a href="/tougao/create">投稿</a></li></ul></div></div></div></div>
<div class="container" id="page">
			<!-- breadcrumbs -->
	
    <div style="margin-left: 15px;">
	    <div class="row-fluid">
    <div id="content">
            <link rel="stylesheet" type="text/css" href="/css/mweekly.css"/>

<h5><strong>SecWiki周刊（第156期）</strong></h5>
<blockquote> 2017/02/20-2017/02/26</blockquote>
<section id="news">
    <div class="weeklydivide">
      <strong>安全资讯</strong>
    </div><div class="single"><span id="tags">[观点]&nbsp;&nbsp;</span>360《2016中国网络安全报告》内容解读<br><a target="_blank" href="http://www.mottoin.com/96419.html">http://www.mottoin.com/96419.html</a></div><div class="single"><span id="tags">[其它]&nbsp;&nbsp;</span>军机训练遭黑电台干扰 指挥通话插播祖传秘方<br><a target="_blank" href="http://news.sina.com.cn/o/2017-02-21/doc-ifyarrcc8309141.shtml">http://news.sina.com.cn/o/2017-02-21/doc-ifyarrcc8309141.shtml</a></div><div class="single"><span id="tags">[人物]&nbsp;&nbsp;</span>阿里巴巴安全第一人肖力：网络安全的五个洞见 <br><a target="_blank" href="http://www.leiphone.com/news/201702/4NzX5SLlEv5kUqLG.html">http://www.leiphone.com/news/201702/4NzX5SLlEv5kUqLG.html</a></div><div class="single"><span id="tags">[漏洞分析]&nbsp;&nbsp;</span>密码学大事件！研究人员公布第一例SHA-1哈希碰撞实例<br><a target="_blank" href="https://zhuanlan.zhihu.com/p/25401383">https://zhuanlan.zhihu.com/p/25401383</a></div><div class="single"><span id="tags">[新闻]&nbsp;&nbsp;</span>2016年中国网络安全大事件<br><a target="_blank" href="http://weibo.com/ttarticle/p/show?id=2309351000124078280734029495&amp;u=3216881963&amp;m=4078280719821362&amp;cu=3216881963">http://weibo.com/ttarticle/p/show?id=2309351000124078280734029495&amp;u=3216881963&amp;m=4078280719821362&amp;cu=3216881963</a></div><div class="single"><span id="tags">[事件]&nbsp;&nbsp;</span>枪支零售商Airsoft GI被黑泄露65000个用户信息<br><a target="_blank" href="http://www.mottoin.com/96847.html">http://www.mottoin.com/96847.html</a></div><div class="single"><span id="tags">[新闻]&nbsp;&nbsp;</span>瑞星推出全新Linux整体解决方案 打造国内最全防护功能<br><a target="_blank" href="http://www.mottoin.com/96849.html">http://www.mottoin.com/96849.html</a></div><div class="single"><span id="tags">[新闻]&nbsp;&nbsp;</span>纽约州网络安全规则将于3月1日生效<br><a target="_blank" href="http://www.mottoin.com/96492.html">http://www.mottoin.com/96492.html</a></div></section><section id="news">
    <div class="weeklydivide">
      <strong>安全技术</strong>
    </div><div class="single"><span id="tags">[运维安全]&nbsp;&nbsp;</span>github代码泄露扫描工具初探 <br><a target="_blank" href="https://www.yanxiuer.com/githubscan.html">https://www.yanxiuer.com/githubscan.html</a></div><div class="single"><span id="tags">[其它]&nbsp;&nbsp;</span>武装win10，打造子系统下的kali linux<br><a target="_blank" href="http://www.secist.com/archives/2732.html">http://www.secist.com/archives/2732.html</a></div><div class="single"><span id="tags">[取证分析]&nbsp;&nbsp;</span>暗网买信用卡纪实：亲测盗刷无门槛<br><a target="_blank" href="http://mp.weixin.qq.com/s?__biz=MTM2ODM0ODYyMQ==&amp;mid=2651420682&amp;idx=1&amp;sn=a75446f83064b44b9a45db3f0f09eb42&amp;scene=0#wechat_redirect">http://mp.weixin.qq.com/s?__biz=MTM2ODM0ODYyMQ==&amp;mid=2651420682&amp;idx=1&amp;sn=a75446f83064b44b9a45db3f0f09eb42&amp;scene=0#wechat_redirect</a></div><div class="single"><span id="tags">[运维安全]&nbsp;&nbsp;</span>企业安全建设之使用开源软件建设大规模WAF集群<br><a target="_blank" href="http://mp.weixin.qq.com/s?__biz=MzIwOTc0MDU3NA==&amp;mid=2247483838&amp;idx=1&amp;sn=b51493aafa51b23d7336f54441be9032&amp;chksm=976e77cfa019fed93e54b8c81fc39d4c200c8b27ba56d0bbee45fbb89548105a00b35a61b43f&amp;mpshare=1&amp;scene=23&amp;srcid=0223fGNqT5KIDeuwQjpA3Gwn#rd">http://mp.weixin.qq.com/s?__biz=MzIwOTc0MDU3NA==&amp;mid=2247483838&amp;idx=1&amp;sn=b51493aafa51b23d7336f54441be9032&amp;chksm=976e77cfa019fed93e54b8c81fc39d4c200c8b27ba56d0bbee45fbb89548105a00b35a61b43f&amp;mpshare=1&amp;scene=23&amp;srcid=0223fGNqT5KIDeuwQjpA3Gwn#rd</a></div><div class="single"><span id="tags">[移动安全]&nbsp;&nbsp;</span>MobSF框架及源代码分析<br><a target="_blank" href="http://cryin.startblog.cc/Articles/article/42">http://cryin.startblog.cc/Articles/article/42</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>Discuz ssrf漏洞利用的几个python脚本<br><a target="_blank" href="https://phpinfo.me/2017/02/23/1438.html">https://phpinfo.me/2017/02/23/1438.html</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>新一代子域名爆破工具brutedns<br><a target="_blank" href="http://www.freebuf.com/sectool/127099.html">http://www.freebuf.com/sectool/127099.html</a></div><div class="single"><span id="tags">[漏洞分析]&nbsp;&nbsp;</span>一个用于CTF PWN的docker容器<br><a target="_blank" href="http://skysider.com/?p=470">http://skysider.com/?p=470</a></div><div class="single"><span id="tags">[运维安全]&nbsp;&nbsp;</span>这个破DNS咋就总搞不好？<br><a target="_blank" href="http://mp.weixin.qq.com/s/Q0yvt9a-VmN9k-ikLXZzGQ">http://mp.weixin.qq.com/s/Q0yvt9a-VmN9k-ikLXZzGQ</a></div><div class="single"><span id="tags">[漏洞分析]&nbsp;&nbsp;</span>CVE-2017-6074：Linux内核中存在11年的特权提升漏洞<br><a target="_blank" href="http://www.mottoin.com/96940.html">http://www.mottoin.com/96940.html</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>FuzzDomain域名爆破工具发布以及开源<br><a target="_blank" href="http://www.freebuf.com/sectool/127400.html">http://www.freebuf.com/sectool/127400.html</a></div><div class="single"><span id="tags">[无线安全]&nbsp;&nbsp;</span>我是如何通过网络摄像头分析wifi密码的<br><a target="_blank" href="http://paper.seebug.org/225/">http://paper.seebug.org/225/</a></div><div class="single"><span id="tags">[移动安全]&nbsp;&nbsp;</span>Android 渗透测试学习手册（一）Android 安全入门<br><a target="_blank" href="http://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&amp;mid=2458282048&amp;idx=1&amp;sn=e17505bda5734a97e869cca787020dd7&amp;scene=0#wechat_redirect">http://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&amp;mid=2458282048&amp;idx=1&amp;sn=e17505bda5734a97e869cca787020dd7&amp;scene=0#wechat_redirect</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>Metasploit后门免杀模块之绕过360<br><a target="_blank" href="http://www.ggsec.cn/2017/01/27/msf-web-delivery/">http://www.ggsec.cn/2017/01/27/msf-web-delivery/</a></div><div class="single"><span id="tags">[设备安全]&nbsp;&nbsp;</span>RSA 2017 IoT 专题 ​​​<br><a target="_blank" href="https://www.iotvillage.org/">https://www.iotvillage.org/</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>《谷歌安全白皮书》2017中文版<br><a target="_blank" href="http://mp.weixin.qq.com/s?__biz=MzI4MjA1MzkyNA==&amp;mid=2655294955&amp;idx=1&amp;sn=ea316572c9f9f5a6839f03e4eaf42645&amp;scene=0#wechat_redirect">http://mp.weixin.qq.com/s?__biz=MzI4MjA1MzkyNA==&amp;mid=2655294955&amp;idx=1&amp;sn=ea316572c9f9f5a6839f03e4eaf42645&amp;scene=0#wechat_redirect</a></div><div class="single"><span id="tags">[移动安全]&nbsp;&nbsp;</span>Android 渗透测试学习手册（二）准备实验环境<br><a target="_blank" href="http://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&amp;mid=2458282050&amp;idx=1&amp;sn=b65d1266cfbc2afdc912b97065fb6780&amp;scene=0#wechat_redirect">http://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&amp;mid=2458282050&amp;idx=1&amp;sn=b65d1266cfbc2afdc912b97065fb6780&amp;scene=0#wechat_redirect</a></div><div class="single"><span id="tags">[运维安全]&nbsp;&nbsp;</span>Mt-Falcon——Open-Falcon在美团点评的应用与实践 <br><a target="_blank" href="http://tech.meituan.com/Mt-Falcon_Monitoring_System.html">http://tech.meituan.com/Mt-Falcon_Monitoring_System.html</a></div><div class="single"><span id="tags">[工具]&nbsp;&nbsp;</span>Shadowsocks折腾记<br><a target="_blank" href="http://thief.one/2017/02/22/Linux-Install-Shadowsocks-Client/">http://thief.one/2017/02/22/Linux-Install-Shadowsocks-Client/</a></div><div class="single"><span id="tags">[移动安全]&nbsp;&nbsp;</span>黑手之kali_Nethuner---HID攻击<br><a target="_blank" href="http://www.ggsec.cn/2017/02/05/nethuner-HID/">http://www.ggsec.cn/2017/02/05/nethuner-HID/</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>Web客户端追踪（下）—浏览器指纹追踪 <br><a target="_blank" href="http://www.arkteam.net/?p=1563">http://www.arkteam.net/?p=1563</a></div><div class="single"><span id="tags">[其它]&nbsp;&nbsp;</span>DIY 制作（黑苹果）渗透系统—第二更<br><a target="_blank" href="http://www.secist.com/archives/1718.html">http://www.secist.com/archives/1718.html</a></div><div class="single"><span id="tags">[设备安全]&nbsp;&nbsp;</span>指纹识别原理和万能指纹攻击猜想 <br><a target="_blank" href="http://mp.weixin.qq.com/s?__biz=MTM2ODM0ODYyMQ==&amp;mid=2651420718&amp;idx=4&amp;sn=aca97331c25739af0b84349aea153215&amp;scene=0#wechat_redirect">http://mp.weixin.qq.com/s?__biz=MTM2ODM0ODYyMQ==&amp;mid=2651420718&amp;idx=4&amp;sn=aca97331c25739af0b84349aea153215&amp;scene=0#wechat_redirect</a></div><div class="single"><span id="tags">[书籍]&nbsp;&nbsp;</span>Docker —— 从入门到实践<br><a target="_blank" href="https://yeasy.gitbooks.io/docker_practice/content/">https://yeasy.gitbooks.io/docker_practice/content/</a></div><div class="single"><span id="tags">[漏洞分析]&nbsp;&nbsp;</span>BlackHat专题：Flash漏洞利用样本逆向分析艺术<br><a target="_blank" href="http://paper.seebug.org/224/">http://paper.seebug.org/224/</a></div><div class="single"><span id="tags">[取证分析]&nbsp;&nbsp;</span>域名背后的真相，一个黑产团伙的沦陷<br><a target="_blank" href="http://www.freebuf.com/articles/terminal/127228.html">http://www.freebuf.com/articles/terminal/127228.html</a></div><div class="single"><span id="tags">[运维安全]&nbsp;&nbsp;</span>京东从OpenStack切换到Kubernetes的经验之谈<br><a target="_blank" href="http://mp.weixin.qq.com/s?__biz=MjM5MDE0Mjc4MA==&amp;mid=2650995488&amp;idx=1&amp;sn=5103cb99753238484c9159692ea91f7b&amp;scene=0#wechat_redirect">http://mp.weixin.qq.com/s?__biz=MjM5MDE0Mjc4MA==&amp;mid=2650995488&amp;idx=1&amp;sn=5103cb99753238484c9159692ea91f7b&amp;scene=0#wechat_redirect</a></div><div class="single"><span id="tags">[设备安全]&nbsp;&nbsp;</span>低成本安全硬件（一）——BadUSB on Arduino <br><a target="_blank" href="http://jia1s.info/lowcost-badUSB/">http://jia1s.info/lowcost-badUSB/</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>多重转发渗透隐藏内网<br><a target="_blank" href="http://3xp10it.cc/web/2017/02/23/%E5%A4%9A%E9%87%8D%E8%BD%AC%E5%8F%91%E6%B8%97%E9%80%8F%E9%9A%90%E8%97%8F%E5%86%85%E7%BD%91/">http://3xp10it.cc/web/2017/02/23/%E5%A4%9A%E9%87%8D%E8%BD%AC%E5%8F%91%E6%B8%97%E9%80%8F%E9%9A%90%E8%97%8F%E5%86%85%E7%BD%91/</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>MySQL Out-of-Band 攻击<br><a target="_blank" href="http://www.mottoin.com/96463.html">http://www.mottoin.com/96463.html</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>find-sec-bugs: FindBugs plugin for security audits of Java applications <br><a target="_blank" href="https://github.com/find-sec-bugs/find-sec-bugs">https://github.com/find-sec-bugs/find-sec-bugs</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>针对蒙古政府的攻击所使用的钓鱼技术<br><a target="_blank" href="http://www.mottoin.com/97113.html">http://www.mottoin.com/97113.html</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>免杀后门venom 和Metasploit 完美绕过360<br><a target="_blank" href="http://www.ggsec.cn/2017/01/15/venom/">http://www.ggsec.cn/2017/01/15/venom/</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>巡风源码初探<br><a target="_blank" href="http://www.mottoin.com/96819.html">http://www.mottoin.com/96819.html</a></div><div class="single"><span id="tags">[取证分析]&nbsp;&nbsp;</span>如何防范被高精度IP定位采集数据<br><a target="_blank" href="http://blog.csdn.net/cuitang1031/article/details/55507004">http://blog.csdn.net/cuitang1031/article/details/55507004</a></div><div class="single"><span id="tags">[运维安全]&nbsp;&nbsp;</span>Google基础设施安全设计概述翻译和导读<br><a target="_blank" href="https://security.tencent.com/index.php/blog/msg/114">https://security.tencent.com/index.php/blog/msg/114</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>PayloadsAllTheThings: 各种Web 漏洞测试用例及详解<br><a target="_blank" href="https://github.com/swisskyrepo/PayloadsAllTheThings">https://github.com/swisskyrepo/PayloadsAllTheThings</a></div><div class="single"><span id="tags">[数据挖掘]&nbsp;&nbsp;</span>网址安全与深度学习<br><a target="_blank" href="http://www.edu.cn/xxh/spkt/msjt/sp/201702/t20170222_1491538.shtml">http://www.edu.cn/xxh/spkt/msjt/sp/201702/t20170222_1491538.shtml</a></div><div class="single"><span id="tags">[其它]&nbsp;&nbsp;</span>黑客小说：杀手（第十三章 无尽的黑暗 上）<br><a target="_blank" href="http://www.jianshu.com/p/21312f0df2a8">http://www.jianshu.com/p/21312f0df2a8</a></div><div class="single"><span id="tags">[移动安全]&nbsp;&nbsp;</span>Android 渗透测试学习手册（五）Android 取证<br><a target="_blank" href="http://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&amp;mid=2458282093&amp;idx=1&amp;sn=4f6272f90b0fdbf04a381d66f46d6c01&amp;scene=0#wechat_redirect">http://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&amp;mid=2458282093&amp;idx=1&amp;sn=4f6272f90b0fdbf04a381d66f46d6c01&amp;scene=0#wechat_redirect</a></div><div class="single"><span id="tags">[编程技术]&nbsp;&nbsp;</span>Python协程<br><a target="_blank" href="http://thief.one/2017/02/20/Python%E5%8D%8F%E7%A8%8B/">http://thief.one/2017/02/20/Python%E5%8D%8F%E7%A8%8B/</a></div><div class="single"><span id="tags">[其它]&nbsp;&nbsp;</span>Google Security Whitepaper<br><a target="_blank" href="https://cloud.google.com/security/whitepaper">https://cloud.google.com/security/whitepaper</a></div><div class="single"><span id="tags">[运维安全]&nbsp;&nbsp;</span>企业安全建设之基础安全建设<br><a target="_blank" href="http://mp.weixin.qq.com/s?__biz=MzIwOTc0MDU3NA==&amp;mid=2247483835&amp;idx=1&amp;sn=daf268dbd71040838072aeafb8ca05f4&amp;chksm=976e77caa019fedc5bb8eda94b54b55df23fa04584b944062f8be2ab1a553b08134a1e7002da&amp;mpshare=1&amp;scene=23&amp;srcid=0221kytTv7lEHWSdFOMxeoSO%23rd">http://mp.weixin.qq.com/s?__biz=MzIwOTc0MDU3NA==&amp;mid=2247483835&amp;idx=1&amp;sn=daf268dbd71040838072aeafb8ca05f4&amp;chksm=976e77caa019fedc5bb8eda94b54b55df23fa04584b944062f8be2ab1a553b08134a1e7002da&amp;mpshare=1&amp;scene=23&amp;srcid=0221kytTv7lEHWSdFOMxeoSO%23rd</a></div><div class="single"><span id="tags">[移动安全]&nbsp;&nbsp;</span>Android 渗透测试学习手册（三）Android 应用的逆向和审计<br><a target="_blank" href="http://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&amp;mid=2458282069&amp;idx=2&amp;sn=c5c8392504600df207d2a59f750e0725&amp;scene=0#wechat_redirect">http://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&amp;mid=2458282069&amp;idx=2&amp;sn=c5c8392504600df207d2a59f750e0725&amp;scene=0#wechat_redirect</a></div><div class="single"><span id="tags">[恶意分析]&nbsp;&nbsp;</span>【漏洞演示视频】Windows SMBv3 Tree Connect响应拒绝服务漏洞<br><a target="_blank" href="http://mp.weixin.qq.com/s?__biz=MzI4NjE2NjgxMQ==&amp;mid=2650233023&amp;idx=2&amp;sn=6df48e6351b8f7a7e48049db4d859715&amp;chksm=f3e2e2cbc4956bdd1f5e490bdcd3eb66e0abbb77a448c11b60d77719d34e0106a093500990c5#rd">http://mp.weixin.qq.com/s?__biz=MzI4NjE2NjgxMQ==&amp;mid=2650233023&amp;idx=2&amp;sn=6df48e6351b8f7a7e48049db4d859715&amp;chksm=f3e2e2cbc4956bdd1f5e490bdcd3eb66e0abbb77a448c11b60d77719d34e0106a093500990c5#rd</a></div><div class="single"><span id="tags">[恶意分析]&nbsp;&nbsp;</span>Russian APT - APT28 collection of samples including OSX XAgent<br><a target="_blank" href="http://contagiodump.blogspot.com/2017/02/russian-apt-apt28-collection-of-samples.html">http://contagiodump.blogspot.com/2017/02/russian-apt-apt28-collection-of-samples.html</a></div><div class="single"><span id="tags">[恶意分析]&nbsp;&nbsp;</span>模型学习全面概述：利用机器学习查找软件漏洞<br><a target="_blank" href="http://mp.weixin.qq.com/s?__biz=MzA3MzI4MjgzMw==&amp;mid=2650723383&amp;idx=1&amp;sn=a7146db5966a949b63bb02f3ab0f3f02&amp;scene=0#wechat_redirect">http://mp.weixin.qq.com/s?__biz=MzA3MzI4MjgzMw==&amp;mid=2650723383&amp;idx=1&amp;sn=a7146db5966a949b63bb02f3ab0f3f02&amp;scene=0#wechat_redirect</a></div><div class="single"><span id="tags">[运维安全]&nbsp;&nbsp;</span>阿里云快速部署Flask应用<br><a target="_blank" href="http://www.92ez.com/?action=show&amp;id=23439">http://www.92ez.com/?action=show&amp;id=23439</a></div><div class="single"><span id="tags">[漏洞分析]&nbsp;&nbsp;</span>TEW-654TR路由器漏洞分析和挖掘<br><a target="_blank" href="http://www.freebuf.com/vuls/126766.html#0-tsina-1-14513-397232819ff9a47a7b7e80a40613cfe1">http://www.freebuf.com/vuls/126766.html#0-tsina-1-14513-397232819ff9a47a7b7e80a40613cfe1</a></div><div class="single"><span id="tags">[移动安全]&nbsp;&nbsp;</span>Android 渗透测试学习手册（四）对 Android 设备进行流量分析<br><a target="_blank" href="http://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&amp;mid=2458282091&amp;idx=2&amp;sn=fc3486b8df2249158b258e679758cbd4&amp;scene=0#wechat_redirect">http://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&amp;mid=2458282091&amp;idx=2&amp;sn=fc3486b8df2249158b258e679758cbd4&amp;scene=0#wechat_redirect</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>另类PHP安全漏洞：利用弱类型和对象注入进行SQLi<br><a target="_blank" href="http://www.4hou.com/technology/3327.html">http://www.4hou.com/technology/3327.html</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>cloudflare: Cloudflare Reverse Proxies are Dumping Uninitialized Memory<br><a target="_blank" href="https://bugs.chromium.org/p/project-zero/issues/detail?id=1139">https://bugs.chromium.org/p/project-zero/issues/detail?id=1139</a></div><div class="single"><span id="tags">[数据挖掘]&nbsp;&nbsp;</span>二十年博士延期之怪现状<br><a target="_blank" href="http://blog.sciencenet.cn/blog-430956-1034792.html">http://blog.sciencenet.cn/blog-430956-1034792.html</a></div><div class="single"><span id="tags">[恶意分析]&nbsp;&nbsp;</span>32位程序对64位进程的远程注入实现<br><a target="_blank" href="http://www.4hou.com/technology/3426.html">http://www.4hou.com/technology/3426.html</a></div><div class="single"><span id="tags">[恶意分析]&nbsp;&nbsp;</span>启明星辰ADLab联合电信云堤追踪 Billgates僵尸网络大黑雀<br><a target="_blank" href="http://mp.weixin.qq.com/s?__biz=MzA3NDQ0MzkzMA==&amp;mid=2651674968&amp;idx=1&amp;sn=f84353990d34e22d2a6ebc7db7915748&amp;scene=0#wechat_redirect">http://mp.weixin.qq.com/s?__biz=MzA3NDQ0MzkzMA==&amp;mid=2651674968&amp;idx=1&amp;sn=f84353990d34e22d2a6ebc7db7915748&amp;scene=0#wechat_redirect</a></div><div class="single"><span id="tags">[运维安全]&nbsp;&nbsp;</span>监控体系建设（二）：监控指标<br><a target="_blank" href="http://mp.weixin.qq.com/s?__biz=MzI2MjA5MjUwMQ==&amp;mid=2650019695&amp;idx=1&amp;sn=a49472a75a952f0c8d3a541ef026c54e&amp;chksm=f250d4d5c5275dc3263326d66165cc63bc2b12317e644dc2a126ae7c9431365cd6eae4e21501&amp;mpshare=1&amp;scene=23&amp;srcid=0219wOWcoipweRh9Z3ndp6Ax%23rd">http://mp.weixin.qq.com/s?__biz=MzI2MjA5MjUwMQ==&amp;mid=2650019695&amp;idx=1&amp;sn=a49472a75a952f0c8d3a541ef026c54e&amp;chksm=f250d4d5c5275dc3263326d66165cc63bc2b12317e644dc2a126ae7c9431365cd6eae4e21501&amp;mpshare=1&amp;scene=23&amp;srcid=0219wOWcoipweRh9Z3ndp6Ax%23rd</a></div><div class="single"><span id="tags">[编程技术]&nbsp;&nbsp;</span>怎样的 Hash 算法能对抗硬件破解<br><a target="_blank" href="https://www.cnblogs.com/index-html/p/hardware-resistant-hash-algorithm.html">https://www.cnblogs.com/index-html/p/hardware-resistant-hash-algorithm.html</a></div><div class="single"><span id="tags">[运维安全]&nbsp;&nbsp;</span>多台虚拟机搭建模拟网络环境 <br><a target="_blank" href="http://whatbeg.com/2016/09/24/vmnetconstruction.html">http://whatbeg.com/2016/09/24/vmnetconstruction.html</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>Teemo：域名信息收集及爆破工具<br><a target="_blank" href="http://www.mottoin.com/96408.html">http://www.mottoin.com/96408.html</a></div><div class="single"><span id="tags">[漏洞分析]&nbsp;&nbsp;</span>Analysis of MS16-104: .URL files Security Feature Bypass (CVE-2016-3353)<br><a target="_blank" href="http://blog.quarkslab.com/analysis-of-ms16-104-url-files-security-feature-bypass-cve-2016-3353.html">http://blog.quarkslab.com/analysis-of-ms16-104-url-files-security-feature-bypass-cve-2016-3353.html</a></div><div class="single"><span id="tags">[工具]&nbsp;&nbsp;</span>A Great Vim Cheat Sheet<br><a target="_blank" href="http://vimsheet.com/">http://vimsheet.com/</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>Find Security Bugs：Java应用和Android应用审计工具<br><a target="_blank" href="http://www.mottoin.com/97036.html">http://www.mottoin.com/97036.html</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>浅谈Discuz插件代码安全（内附0day）<br><a target="_blank" href="http://mp.weixin.qq.com/s/c2MIQnM9q9eMWaxUO9Pjjg">http://mp.weixin.qq.com/s/c2MIQnM9q9eMWaxUO9Pjjg</a></div><div class="single"><span id="tags">[恶意分析]&nbsp;&nbsp;</span>美国DHS发布《“灰熊草原”网络攻击活动深入分析报告》<br><a target="_blank" href="http://www.freebuf.com/special/126918.html">http://www.freebuf.com/special/126918.html</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>JAVA, PYTHON FTP INJECTION ATTACKS BYPASS FIREWALLS<br><a target="_blank" href="https://threatpost.com/java-python-ftp-injection-attacks-bypass-firewalls/123858/">https://threatpost.com/java-python-ftp-injection-attacks-bypass-firewalls/123858/</a></div><div class="single"><span id="tags">[杂志]&nbsp;&nbsp;</span>SecWiki周刊（第155期)<br><a target="_blank" href="https://www.sec-wiki.com/weekly/155">https://www.sec-wiki.com/weekly/155</a></div><div class="single"><span id="tags">[设备安全]&nbsp;&nbsp;</span>我的MITRE物联网挑战赛之旅<br><a target="_blank" href="http://bobao.360.cn/learning/detail/3524.html?from=timeline">http://bobao.360.cn/learning/detail/3524.html?from=timeline</a></div><div class="single"><span id="tags">[论文]&nbsp;&nbsp;</span>怎样写出优秀的研究论文？ <br><a target="_blank" href="http://whatbeg.com/2016/05/10/how2wtpaper.html">http://whatbeg.com/2016/05/10/how2wtpaper.html</a></div><div class="single"><span id="tags">[运维安全]&nbsp;&nbsp;</span>Docker Remote api在安全中的应用杂谈<br><a target="_blank" href="https://zhuanlan.zhihu.com/p/25364731">https://zhuanlan.zhihu.com/p/25364731</a></div><div class="single"><span id="tags">[运维安全]&nbsp;&nbsp;</span>xsec-ssh-firewall: 一个简易的ssh密码防暴力破解程序<br><a target="_blank" href="https://github.com/netxfly/xsec-ssh-firewall">https://github.com/netxfly/xsec-ssh-firewall</a></div><div class="single"><span id="tags">[运维安全]&nbsp;&nbsp;</span>企业邮件安全防护经验总结<br><a target="_blank" href="http://www.freebuf.com/articles/security-management/127752.html">http://www.freebuf.com/articles/security-management/127752.html</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>内网漫游之SOCKS代理大结局<br><a target="_blank" href="https://xianzhi.aliyun.com/forum/read/735.html">https://xianzhi.aliyun.com/forum/read/735.html</a></div><div class="single"><span id="tags">[Web安全]&nbsp;&nbsp;</span>Injecting_SQLite_database_based_application.pdf<br><a target="_blank" href="https://packetstormsecurity.com/files/141169/Injecting_SQLite_database_based_application.pdf">https://packetstormsecurity.com/files/141169/Injecting_SQLite_database_based_application.pdf</a></div><div class="single"><span id="tags">[运维安全]&nbsp;&nbsp;</span>保护内网安全之提高Windows AD安全性 Part.1<br><a target="_blank" href="http://www.4hou.com/technology/3280.html">http://www.4hou.com/technology/3280.html</a></div></section>
<section id="news">
        <pre style="margin-top: 15px; margin-bottom: 15px; padding: 6px 10px; max-width: 100%; color: rgb(62, 62, 62); background-color: rgb(255, 255, 255); -webkit-print-color-adjust: exact; border-width: 1px; border-style: solid; border-color: rgb(204, 204, 204); font-size: 13px; line-height: 19px; overflow: auto; border-radius: 3px; box-sizing: border-box !important; word-wrap: break-word !important;"><code class="" style="max-width: 100%; -webkit-print-color-adjust: exact; border-width: initial; border-style: none; border-color: initial; background-color: transparent; border-radius: 3px; box-sizing: border-box !important; word-wrap: break-word !important;">-----微信ID：SecWiki-----
SecWiki，5年来一直专注安全技术资讯分析！
SecWiki：https://www.sec-wiki.com</code></pre>
    <p style="max-width: 100%; min-height: 1em; color: rgb(62, 62, 62); font-size: 16px; white-space: normal; background-color: rgb(255, 255, 255); box-sizing: border-box !important; word-wrap: break-word !important;"><span style="max-width: 100%; font-size: 14px; box-sizing: border-box !important; word-wrap: break-word !important;">本期原文地址:<span style="max-width: 100%; font-family: Helvetica, arial, sans-serif; box-sizing: border-box !important; word-wrap: break-word !important;">&nbsp;<a href="https://www.sec-wiki.com/weekly/156">SecWiki周刊(第156期)</a></span><br style="max-width: 100%; box-sizing: border-box !important; word-wrap: break-word !important;"></span></p>
</section>
    </div><!-- content -->
</div>
    </div>
</div>

<div id="footer" class="footer">
		<div class="container"  style="margin-top: 5px;">
			<div class="span3">
				<div class="one-third column">
					<h5 class="title">
					<a target="_blank" href="/about/index">最新公告</a>						<span class="line"></span>
					</h5>
					<p>
						<a href='http://www.sec-wiki.com/about/donate'>2016-01-01 打赏功能开通</a><br>
						<a href='http://www.sec-wiki.com/about/join'>2015-01-05 如何加入SecWiki</a><br>
						<a href='http://www.sec-wiki.com/about/submit'>2014-08-08 如何快捷提交资讯</a><br>
						<a href='http://www.sec-wiki.com/about/index'>2012-07-01 关于SecWiki</a><br>
				</div>
			</div>

			<div class="span5">
				<div class="one-third column">
					<h5 class="title">
						<a target="_blank" href="/nav/index">友情链接</a>						<span class="line"></span>
					</h5>
					<p>
						<a href='https://www.secsilo.com/'>安全沙漏</a>&nbsp;
						<a href='http://www.freebuf.com/'>Freebuf</a>&nbsp;
						<a href='http://www.anquanquan.info/'>安全圈</a>&nbsp;
						<a href='http://navisec.it/'>Navisec</a>&nbsp;
                        <a href='http://das.scusec.org'>小黑屋</a>&nbsp;
                        <a href='http://www.polaris-lab.com/'>勾陈Lab</a>
                        <br>
						<a href='http://www.ijiandao.com'>网络尖刀</a>&nbsp;
                        <a href='http://www.shellpub.com/'>ShellPub</a>&nbsp;
                        <a href='http://www.secpulse.com/?secwiki'>SecPulse</a>&nbsp;
                        <a href='https://www.secquan.org/'>圈子</a>
                        <a href='http://bluereader.org/'>深蓝阅读</a>&nbsp;<br>
                        <a href='http://www.bugbank.cn/'>漏洞银行</a>
                        <a href='http://bobao.360.cn/'>安全客</a>
                        <a href='http://www.secfree.com/'>指尖安全</a>
                        <a href='https://www.easyaq.com/'>E安全</a>
                        <a href='http://www.vipread.com/'>安全slide</a>

                        <a href="/link">更多</a>
					</p>
				</div>
			</div>

			<div class="span2">
			    <div class="one-third column">
					<h5 class="title">
					<a target="_blank" href="/about/index">SecWiki公众号</a>						<span class="line"></span>
					</h5>
					<div style="margin-top:15px; width: 90px; height: 90px;">
						<img src="https://secwiki.b0.upaiyun.com/weixin.jpg">
					</div>
				</div>
			</div>

			<div class="span2">
				<div class="one-third column">
					<h5 class="title">
					<a target="_blank" href="/about/donate">安全学术圈</a>					<span class="line"></span>
					</h5>
					<div style="margin-top:15px; width: 90px; height: 90px;">
						<img src="https://secwiki.b0.upaiyun.com/secquan.jpg">
					</div>
				</div>
			</div>

		</div>
		<div class="container" style="margin-top:5px;margin-bottom: 10px;">
			<div class="span9">
					Copyright &copy;
					2019                    琼ICP备16003361号-4
                    SecWiki
					<a href="/news/rss">
						<img src="/img/rss.gif" border="0" width="36px" height="14px" alt="订阅SecWiki">
					</a>
					<a href="https://www.upyun.com/">
						<img src="https://secwiki.b0.upaiyun.com/upyun.png" width="80" border="0" alt="UPYUN">
					</a>
					<a href="http://www.vultr.com/?ref=6885244">
						<img src="https://secwiki.b0.upaiyun.com/vultr.png" width="100" border="0" alt="vultr">
					</a>&nbsp;&nbsp;
			</div>
		</div>
</div><!-- footer -->
<div id="csswithjs">
        <script type="text/javascript">
            var _bdhmProtocol = (("https:" == document.location.protocol) ? " https://" : " http://");
            document.write(unescape("%3Cscript src='" + _bdhmProtocol + "hm.baidu.com/h.js%3Fbad84ea1f314383f8da7949aad5c2199' type='text/javascript'%3E%3C/script%3E"));
    </script>
</div>
<script type="text/javascript" src="https://secwiki.b0.upaiyun.com/js/bs.min.js"></script>
<script type="text/javascript">
/*<![CDATA[*/
jQuery(function($) {
jQuery('[data-toggle=popover]').popover();
jQuery('body').tooltip({"selector":"[data-toggle=tooltip]"});
jQuery('#yii_bootstrap_collapse_0').collapse({'parent':false,'toggle':false});
});
/*]]>*/
</script>
</body>
<!-- page -->
</html>
